Cloakware Password Authority™ - Administrator and application-to-application password management software
(Formerly Cloakware Server Password Manager)
How do you manage your privileged password accounts?
How does your organization manage the thousands of privileged, administrator and application
passwords which your IT administrators, applications, and scripts
use to access and maintain your enterprise databases, storage, mainframes,
network devices and other applications and systems?
If you're like most organizations, you've adopted manual processes
for managing system passwords or you are not managing them at
all. As a result, your most sensitive passwords are often widely
known and shared among administrators, hard-coded into applications
and scripts, rarely--if ever--changed, and almost impossible to find
or re-certify when someone changes roles or leaves the organization. Manual processes tie up resources and put your sensitive system and application data at risk.
Many IT compliance requirements magnify the privileged password management
problem by requiring unique credentials for each administrator and
application-to-application (A2A) account, minimal role entitlements,
frequent password updates, and strong passwords.
Why automate the management of administrator and application passwords?
Manual processes simply can't cope with the scale of the password
management problem in large IT operations. Expanding, merging or
downsizing your IT operations only increases password management
risks and pressure from FISMA, FERC, PCI, SOX and HIPAA.
Cloakware Password Authority™ replaces your error-prone manual processes
with robust, automated policy-driven processes, enabling you to meet
your password compliance requirements and ensure the continuity and
security of your IT operations.
Benefits of automated password management
Password Authority benefits organizations through the four "A's" of
effective password management:
Assess
- Through integration with third-party solutions such as SailPoint,
attain 100% coverage of discovering, assessing and eliminating
identity management risks throughout the entire password life-cycle
Automate
- Cut IT administration costs across the enterprise and increase
service levels by eliminating maintenance windows and outages associated
with manual password changes
Assure
- Assure compliance with GRC requirements and organizational policies
for password management
- Assure business continuity while under regulatory pressure to
manage your privileged passwords
- Assure operational continuity and service-level agreements (SLAs)
in the wake of network outages, network latency, disasters, and
insider threats arising from mergers, downsizing and outsourcing
Audit
- Audit all password-related activity through syslog-enabled aggregation,
correlation, monitoring, notification, alerts, and reporting
Cloakware Password Authority features
Scalability - can protect up to millions of credentials
Cloakware Password Authority is the only privileged password management
solution architected from the ground up to meet the demanding requirements
of large global IT operations. Scalable, flexible and enterprise-ready,
it can manage millions of credentials for applications and administrators
alike across multi-site, heterogeneous environments. Password Authority’s
push technology simplifies the distribution of password updates
to systems and custom applications across large distributed operations.
Integrate virtually any back-end
process
The server-based component architecture and extensible
connector technology allows you to integrate virtually any back-end
process. Out of the box, Password Authority supports a wide variety
of common datacenter systems such as databases, servers and routers.
Easy to use templates make it easy to add plug-and-play support for
other systems.
The Password Authority server components run on:
- Solaris 10
- Red Hat Linux AS4
- Windows Server 2003
The Password Authority client components (for A2A processes)
run on:
- Solaris 8/9/10
- AIX 5.1 / 5.2
- Red Hat Linux 7.2 / ES4 / AS4
- Microsoft Windows NT / XP / Server 2000 / Server 2003
- IBM AS400
- and HP-UX
An administrative CLI and JAVA API enable you to integrate custom
administration, workflow and deployment applications with Password
Authority.
Enterprise-grade, high-availability reliability
Password Authority is designed with enterprise-grade "five-nines" reliability
in mind. It supports high-availability techniques such as load balancing,
clustering, failover/failback, data replication and verification,
multi-site deployment, multi-homed access and secure local-caching
to ensure that credentials are available when they are needed.
Security through comprehensive encryption and software protection techniques
Password Authority leverages Cloakware’s deep expertise in
encryption and software protection techniques to ensure that credentials
remain protected at every stage of their use. Critical information
like passwords, keys and business logic are protected while on disk,
in memory and on the network. Risk mitigation is all about applying
the appropriate security techniques to address the threats that have
been identified against your systems. Password Authority was designed
to address the Insider Threat. Password Authority employs many layers
of defense and many security techniques not available in competitive
offerings, including data and control flow transformations to help
protect against both static and dynamic analysis attacks.
> Learn
more about Cloakware's encryption
and software protection techniques.
On top of this secure infrastructure, Password Authority ensures
that only authorized applications and administrators can access sensitive
credentials through a least-privilege approach. Role-based authentication
and grouping capabilities ensure that each Cloakware Password Authority
administrator’s span-of-control is customizable to their job
function. Separation of duties and delegation of authority are achieved
as a result, with staff and contractors receiving only the access
they need to perform their tasks. Identity-based authentication of
unattended applications ensure that application scope-of-access can
be controlled through flexible yet granular policies.
Comprehensive reporting and auditing
Regulatory auditors are becoming more sophisticated every year and
are demanding ever more details about your operations. Password Authority
gives you the detailed information you need to prove password compliance
and ensure best practices. Activity logging and reporting data are
at your fingertips and also available in standard syslog format.
You can easily extend your analysis with third-party aggregation,
correlation, monitoring, notification, and alerting tools to help
prevent fraud, data breaches and misuse of corporate data.
Extensive workflows and designed for usability
Role-based tasks and workflows are presented in a thoughtfully-designed
Web browser interface that enables even novice or occasional users
of Password Authority to manage passwords efficiently and confidently.
All functions are also accessible through a CLI and JAVA API to enable
integration with custom scripts and applications. Detailed online
documentation helps users find answers quickly.
Learn more
Top of page
Don't let this contractor steal your critical data. Learn how to reduce the threat of hard-coded passwords.